Safety-assured model-based development of real-time embedded software for the GPCA infusion pump

BaekGyu Kim, University of Pennsylvania


Many safety-critical embedded systems must meet safety requirements associated with timing constraints. Not only shall a system read/write correct input or output values, but also those operations shall be performed with the right timing. Failing to meet those timing constraints results in serious safety issues (e.g., medical device malfunctions may harm patients). It is difficult to develop complex embedded software in a correct way without rigorous and systematic handling of various sources that affect the timed behavior of a system. We propose the model-based development framework that enables timing aspects of a system to be formally modeled, verified, and further implemented in a systematic way. The fundamental idea is to separate the timing concerns of the platform-independent and the platform-dependent aspects of a system. In the platform-independent development phase, input and output timed interactions between a system and its environment is modeled and verified using state-transition formalism (e.g., UPPAAL) by hiding platform-dependent timing details. In the platform-dependent development phase, such platform-dependent timing details are modeled using architectural modeling languages ( e.g., AADL) that are necessary to execute the platform-independent code on a particular platform, such as internal interactions among software components (e.g., threads) and hardware components ( e.g., sensors and actuators). The platform-independent code and the platform-dependent code are independently developed from the different levels of timing abstractions, and composed together in the integration phase. In this phase, we propose a way to systematically extend the platform-independent model into different platform-specific models, which formally characterize the implementation-level timed behavior that can be verified for timing requirement conformance. In case this verification step fails, we propose a way to adjust the timing parameters of the platform-independent code by compensating for the platform-dependent processing delays in such a way that the resulting implementation meets the timing requirements verified in the platform-independent model. Applicability of this development approach was demonstrated by developing software running on several Patient-Controlled Analgesia (PCA) infusion pump systems. We hope that this approach is also applicable to other safety-critical domains where generic software needs to be developed independently of a particular platform, and integrated with many different platforms in a way that conforms to timing requirements.

Subject Area

Computer science

Recommended Citation

Kim, BaekGyu, "Safety-assured model-based development of real-time embedded software for the GPCA infusion pump" (2015). Dissertations available from ProQuest. AAI3723870.